For 11 minutes, those looking for "realDonaldTrump" received a Twitter equivalent of a 404 page, "Sorry, that page doesn't exist!

Twitter

Twitter, was on the case, and as noted, the account was "off" for only 11 minutes. TwitterGov tweeted:

Update: We have implemented safeguards to prevent this from happening again. We won’t be able to share all details about our internal investigation or updates to our security measures, but we take this seriously and our teams are on it. https://t.co/8EfEzHvB7p

The tweet asks us to trust they are doing the right thing, investigating, and though we won't be able to see their security measures, they will be appropriate and designed to not allow such an event from happening again.

Insider threat amplified to those in InfoSec

While many cheered the silencing of the POTUS Twitter account, those looking at the event through the prism of information security and insider threats weren’t smiling.

Indeed, their minds raced to the multitude of actions that this insider on his/her way out the door could have taken that may have caused a cascade of events to occur. The “what ifs” are innumerable — tweet a declaration of war, order a covert action, post inappropriate images, etc., etc., etc.

They were looking at the mirror and asking themselves, can this happen at my company?

Can you trust Twitter?

There is indeed an implied trust within the social network engagement by all users. This episode at Twitter demonstrates how customer support employees — be it at Twitter, Facebook, LinkedIn or the like — have in their hands superuser access that can be misused/abused to disrupt any account: yours, mine, your grandmothers, your favorite band, and, yes, even that of POTUS.

The New York Times tells us “how Twitter employees gathered in private Slack channels and used Twitter to send direct messages to one another to remark how insecure Mr. Trump’s account had been.” The NYT also wrote, “Hundreds of employees can access the accounts of so-called Very Important Tweeters and can take actions like disabling accounts.”

Some Twitter accounts are more important than others? Apparently so.

Perhaps in response to the NYT, Jack over at Twitter joined in with assurances and took the opportunity to post “Clarifying the Twitter Rules” — the timing of which seemed out of step. What he should have published for Twitter user's edification is the internal admonishment to the Twitter customer support team on their role as a trusted insider at the point of engagement with the user.

The power of trusted insiders

Some of the most trusted roles within any enterprise are those who are involved with customer support. If an employee could turn off the stream of POTUS, whose stream is immune? Mine, yours?

Think of the ramifications should competitors wish to disrupt the business cycles of each other? Let your imagination run through the possible scenarios. Competitor A suborns a Twitter customer service rep to turn off the Twitter stream of Competitor B right as the quarterly financial livestream is to begin, or he asks them to insert a brand-damaging tweet into the stream — BOOM, Competitor B is in crisis management, not customer engagement.

Or a nation state asks for the login credentials for the accounts of various heads of state and then uses those in one blitz, creating the appearance of a public dialog and causing innumerable cycles to be expended by those affected nations to unwind the damage.

No, this Twitter employee's action wasn’t about user behavior. This event demonstrated the need to have checks and balances in place to provide assurances that those in positions of trust can be trusted.

Think about your own company. What can your insider do to damage your brand or trust with your users? Take this event, and internalize it before it happens to you.

Christopher Burgess is an advocate for effective security strategies, be they at the office or home for you and your family. Christopher, served 30+ years within the Central Intelligence Agency. He co-authored the book Secrets Stolen, Fortunes Lost, Preventing Intellectual Property Theft and Economic Espionage in the 21st Century.